Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

open redirect vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2013-2582
CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging...
Open-xchange Open-xchange Appsuite 6.22.0Open-xchange Open-xchange Appsuite 6.22.1Open-xchange Open-xchange Appsuite 7.0.1Open-xchange Open-xchange Appsuite 7.0.2Open-xchange Open-xchange Server 6.22.1Open-xchange Open-xchange Server 7.0.1Open-xchange Open-xchange Server 6.22.0Open-xchange Open-xchange Server 7.0.2
5.3
CVE-2022-37311
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet....
Open-xchange Open-xchange AppsuiteOpen-xchange Open-xchange Appsuite 7.10.5Open-xchange Open-xchange Appsuite 7.10.6
5.3
CVE-2022-37312
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet....
Open-xchange Open-xchange AppsuiteOpen-xchange Open-xchange Appsuite 7.10.5Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2013-1647
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter, as demonstrated by (1)...
Open-xchange Open-xchange Server 6.22.1Open-xchange Open-xchange Server 6.22.0Open-xchange Open-xchange Server 6.20.7
7.4
CVSSv3
CVE-2016-3174
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be provided as redirection target. Users can be tricked to follow a link to...
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2022-31040
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to...
Maykinmedia Open FormsMaykinmedia Open Forms 1.10
6.1
CVSSv3
CVE-2018-8937
An issue was discovered in Open-AudIT Professional 2.1. It is possible to inject a malicious payload in the redirect_url parameter to the /login URI to trigger an open redirect. A "data:text/html;base64," payload can be used with JavaScript code....
Open-audit Open-audit 2.1
6.1
CVSSv3
CVE-2020-13565
An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can redirect users to an arbitrary URL. An...
Open-emr Openemr 5.0.2Phpgacl Project Phpgacl 3.3.7
6.1
CVSSv3
CVE-2018-14381
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability....
Pagekit Pagekit
6.1
CVSSv3
CVE-2014-3652
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL....
Redhat Keycloak 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelessSQLCVE-2023-1454overflowCVE-2022-48425CVE-2023-25064CVE-2023-28107
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook